<?php
namespace Home\ Controller;
use\ Home\ Model\ UserModel;
use\ Home\ Controller\ SafeController;
use\ Home\ Controller\ LoginController;
include "./Common/CheckUser.php";

final class UserController {

	public $uid;
	public $account;
	public $name;
	public $qq;
	public $phone;
	public $email;
	public $sex;

	public $userModelObj;
	public $loginObj;
	public $safeObj;

	public function __construct() {
		session_start();
		$this->uid = $_SESSION[ 'uid' ];
		$this->account = $_SESSION[ 'account' ];
		$this->name = $_SESSION[ 'name' ];
		$this->qq = $_SESSION[ 'qq' ];
		$this->phone = $_SESSION[ 'phone' ];
		$this->email = $_SESSION[ 'email' ];
		$this->sex = $_SESSION[ 'sex' ];

		$this->userModelObj = new UserModel();
		$this->loginObj = new LoginController();
		$this->safeObj = new SafeController();
	}
	public function test(){
	    print_r($_SESSION);
	    //echo $this->account;
	}

	//进入个人空间
	public function home() {
		include VIEW_PATH . "index.html";
	}
	//个人main
	public function main(){
	    include VIEW_PATH . "main.html";
	}
	
	//捐款记录列表视图
	public function donateMoneyList(){
        include VIEW_PATH."donate_money_list.html";
    }
	
	//捐书记录列表视图
	public function donateBookList(){
        include VIEW_PATH."donate_book_list.html";
    }
    
    //加载捐款视图
    public function donateMoneyView(){
        //生成trade_no
        $trade_no = date("YmdHis").mt_rand(100,999);
        include VIEW_PATH."donate_money.html";
    }
    
    //加载捐书视图(加书)
	public function donateBookView(){
        include VIEW_PATH."donate_book.html";
    }
	
	//获取用户各项基本信息
	public function profile() {
		//UID、用户名、昵称、QQ、手机、邮箱、性别、(捐书总数、捐款总数)
		session_start();
		//获取某用户的捐书总数
		$id_arrs = $this->userModelObj->getBookId( $this->uid );
		$book_sum = 0;
		foreach ( $id_arrs as $arr ) {
			$book_sum = $this->userModelObj->getBookSum( $arr[ 'donate_book_id' ] );
			$book_count += $book_sum[ 0 ][ 'SUM(book_count)' ];
		}
		//获取某用户的捐款总数
		$money_sum = $this->userModelObj->getMoneySum( $this->uid );
		$money_count = $money_sum[ 0 ][ 'SUM(money)' ];

		$res = [
			'uid' => $this->uid,
			'account' => $this->account,
			'name' => $this->name,
			'qq' => $this->qq,
			'phone' => $this->phone,
			'email' => $this->email,
			'sex' => $this->sex,
			'book_sum' => $book_count,
			'money_sum' => $money_count
		];
		echo json_encode( $res );
	}
	//资料修改
	public function editProfile() {
		session_start();
		$uid = $_POST[ 'uid' ];
		$account = $_POST[ 'account' ];
		$name = $_POST[ 'name' ];
		$qq = $_POST[ 'qq' ];
		$phone = $_POST[ 'phone' ];
		$email = $_POST[ 'email' ];
		$sex = $_POST[ 'sex' ];
		//判断传入uid和SESSION中是否匹配
		if ( $this->uid != $uid ) {
			$code = 500;
			$msg = 'UID不匹配，请重新登陆后重试';
			$res = [
				'code' => $code,
				'msg' => $msg,
				//'uid' => $_SESSION['uid']
			];
			echo json_encode( $res );
			exit();
		}
		//数据处理
		$account = $this->safeObj->simpleClean( $account );
		$name = $this->safeObj->simpleClean( $name );
		$qq = $this->safeObj->simpleClean( $qq );
		$phone = $this->safeObj->simpleClean( $phone );
		$email = $this->safeObj->simpleClean( $email );
		$sex = $this->safeObj->simpleClean( $sex );

		//对数据唯一性进行验证
		if ( $this->account != $account ) {
			$flag_acc = $this->loginObj->_isAccountExist( $account );
		}else{
		    $flag_acc = 1;
		}
		if ( $this->phone != $phone ) {
			$flag_phone = $this->loginObj->_isPhoneExist( $phone );
		}else{
		    $flag_phone = 1;
		}
		if ( $this->email != $email ) {
			$flag_email = $this->loginObj->_isEmailExist( $email );
		}else{
		    $flag_email = 1;
		}

		//对数据为空进行判断
		if ( $account == null || $name == null || $qq == null || $phone == null || $email == null || $sex == null ) {
			$code = 500;
			$msg = '输入项皆不能为空';
			$res = [
				'code' => $code,
				'msg' => $msg
			];
			echo json_encode( $res );
			exit();
		}
		if ( $flag_acc == 1 && $flag_phone == 1 && $flag_email == 1 ) {
			//说明都没有重复
			$row = $this->userModelObj->editProfile( $uid, $account, $name, $qq, $phone, $email, $sex );
			if ( $row == 1 ) {
				//更新SESSION
				$_SESSION[ 'account' ] = $account;
				$_SESSION[ 'name' ] = $name;
				$_SESSION[ 'qq' ] = $qq;
				$_SESSION[ 'phone' ] = $phone;
				$_SESSION[ 'email' ] = $email;
				$_SESSION[ 'sex' ] = $sex;
				//返回信息
				$code = 200;
				$msg = '修改成功';
			} else {
				$code = 500;
				$msg = '数据未更改';
			}
		} else {
			//说明有重复项
			$code = 500;
			$msg = '您输入的用户名、手机号或邮箱其中有已存在的内容';
		}
		$res = [
			'code' => $code,
			'msg' => $msg
		];
		echo json_encode( $res );
	}
	//加载修改密码的视图
	public function editPwdView() {
		include VIEW_PATH . "retrieve.html";
	}
	//密码修改
	public function editPwd() {
		//进行手势验证的安全得分评估
		$server = $_POST[ 'server' ];
		$token = $_POST[ 'token' ];
		$oldpwd = $_POST[ 'oldpwd' ];
		$newpwd1 = $_POST[ 'newpwd1' ];
		$newpwd2 = $_POST[ 'newpwd2' ];
		$res = $this->safeObj->vaptcha( $server, $token, 5 ); //这里返回回来之前已经把json转为数组
		//首先对手势验证进行评判，低于设定分数则返回一个重新错误及重新验证,通过就进行后面的处理
		if ( $res[ 'score' ] < $GLOBALS[ 'config' ][ 'score' ] ) {
			$res = [
				'code' => 500,
				'msg' => '安全验证得分过低，请重试',
				'score' => $res['score']
			];
			echo json_encode( $res );
			exit();
		}
		//对信息进行过滤
		$oldpwd = $this->safeObj->cleanAll( $oldpwd );
		$newpwd1 = $this->safeObj->cleanAll( $newpwd1 );
		$newpwd2 = $this->safeObj->cleanAll( $newpwd2 );
		//空值判断
		if ( $oldpwd == null || $newpwd1 == null || $newpwd2 == null ) {
			$res = [
				'code' => 500,
				'msg' => '所有字段皆不能为空'
			];
			echo json_encode( $res );
			exit();
		}
		if ( $newpwd1 != $newpwd2 ) {
			$res = [
				'code' => 500,
				'msg' => '新密码两次输入不一样'
			];
			echo json_encode( $res );
			exit();
		}
		//老密码的判断
		//取出老密码
		$arr = $this->userModelObj->getOldPwd( $this->uid );
		//对用户输入进行散列
		$oldpwd = md5( $oldpwd );
		if ( $oldpwd == $arr[ 'password' ] ) {
			//散列
			$new = md5( $newpwd2 );
			//判断新老密码一致
			if ( $new == $arr[ 'password' ] ) {
				$res = [
					'code' => 500,
					'msg' => '新老密码不能相同！'
				];
				echo json_encode( $res );
				exit();
			}
			$row = $this->userModelObj->editPwd( $this->uid, $new );
			if ( $row == 1 ) {
				$res = [
					'code' => 200,
					'msg' => '修改成功！'
				];
				echo json_encode( $res );
				exit();
			} else {
				$res = [
					'code' => 500,
					'msg' => '修改失败！'
				];
				echo json_encode( $res );
				exit();
			}
		} else {
			$res = [
				'code' => 500,
				'msg' => '旧密码有误！'
			];
			echo json_encode( $res );
			exit();
		}
	}

}
?>